Abstract

Day after day, SQL Injection (SQLI) attack is consistently proliferating across the globe. According to Open Web Application Security Project (OWASP) Top Ten Cheat Sheet-2014, SQLI is at top in the list of online attacks. The cause of spread of SQLI is thought to be Unsecure Software Engineering. The Software Development process itself appears to look at security as an add-on to be checked and deployed towards the end of the software development lifecycle which leads to vulnerabilities in web applications. This paper is an attempt to integrate security in early stages of SDLC i.e. in design phase to mitigate SQLI vulnerability. How SQLI attack happens is illustrated. Threat Modeling is performed to mitigate the SQLI vulnerability.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Mitigation of SQL injection vulnerability during development of web applications
Parminder Kaur ... Navdeep Kaur
International Journal of Web Science | VOL. 3
Parminder Kaur, et. al.Parminder Kaur ... Navdeep Kaur
01 Jan 2019
Mitigation of SQL injection vulnerability during development of web applications
Navdeep Kaur ... Parminder Kaur
International Journal of Web Science | VOL. 3
Navdeep Kaur, et. al.Navdeep Kaur ... Parminder Kaur
01 Jan 2019
Cross-Site Scripting (XSS) and SQL Injection Attacks Multi-classification Using Bidirectional LSTM Recurrent Neural Network
Abdulgbar A R Farea ... Chengliang Wang
-
Abdulgbar A R Farea, et. al.Abdulgbar A R Farea ... Chengliang Wang
17 Dec 2021
Analysis of SQL Injection Attack Detection and Prevention on MySQL Database Using Input Categorization and Input Verifier
Alya Aiman Salsabila Arif ... Nurul Qomariasih
-
Alya Aiman Salsabila Arif, et. al.Alya Aiman Salsabila Arif ... Nurul Qomariasih
19 Oct 2022
View more papers

More From: ACM SIGSOFT Software Engineering Notes

Paper Title
Journal
Date
Author
Debunking the Myths of Code Velocity: The Elusive Search for Speed
Gunnar Kudrjavets
ACM SIGSOFT Software Engineering Notes | VOL. 49
Gunnar KudrjavetsGunnar Kudrjavets
17 Jul 2024
Emerging Advanced Technologies for Game Engineering
Joan Arnedo-Moreno ... Kendra M L Cooper
ACM SIGSOFT Software Engineering Notes | VOL. 49
Joan Arnedo-Moreno, et. al.Joan Arnedo-Moreno ... Kendra M L Cooper
17 Jul 2024
An Interview with Massimiliano Di Penta - 2024 SIGSOFT Awardee
Jacopo Soldani
ACM SIGSOFT Software Engineering Notes | VOL. 49
Jacopo SoldaniJacopo Soldani
17 Jul 2024
The 13th International Workshop on Genetic Improvement(GI @ ICSE 2024)
William B Langdon ... Erik M Fredericks
ACM SIGSOFT Software Engineering Notes | VOL. 49
William B Langdon, et. al.William B Langdon ... Erik M Fredericks
17 Jul 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.